diff --git a/routes/showProductReviews.ts b/routes/showProductReviews.ts index 7b61bc29bd1..c6ec4720f11 100644 --- a/routes/showProductReviews.ts +++ b/routes/showProductReviews.ts @@ -31,7 +31,7 @@ module.exports = function productReviews () { // Measure how long the query takes, to check if there was a nosql dos attack const t0 = new Date().getTime() - db.reviews.find({ $where: 'this.product == ' + id }).then((reviews: Review[]) => { + db.reviews.find({ product: { $eq: id } }).then((reviews: Review[]) => { const t1 = new Date().getTime() challengeUtils.solveIf(challenges.noSqlCommandChallenge, () => { return (t1 - t0) > 2000 }) const user = security.authenticatedUsers.from(req)